Netgate Discussion Forum

    Newbie question

    • Premier

      Hi, I have read all the stickies and cannot find the answer to my question.
      I have a core router with many, many remote access points connected to it. Up to now we had a Netequalizer connected between the core router and the access points.
      Question is, can we put the pfSense firewall in the same position as the Netequalizer was, acting as a transparent firewall, limiting the number of open connections each user can open while distributing the bandwidth as equally as possible during our peak times?

      • XIII

        Yes, with the traffic shaper you can limit users' bandwidth.

        -Chris Stutzman
        Sys0:2.0.1: AMD Sempron 140 @2.7 1024M RAM 100GHD
        Sys1:2.0.1: Intel P4 @2.66 1024M RAM 40GHD
        freedns.afraid.org - Free DNS dynamic DNS subdomain and domain hosting.
        Check out the pfSense Wiki

        • Premier

          But will it do it automatically, or do you have to enter every single IP of each of the machines on the network?

          Also, I have set up pfSense tonight and turned it into a transparent bridge. I cannot get any traffic to move across it.
          Are there some default firewall rules I need? Haven't messed much with the firewall.

          • dreamslacker

            You can set a rule to catch all the clients.

            Under Advanced Options in the rule, you can limit:

            • Maximum number of established connections per host

            • Maximum state entries per host

            • Maximum new connections / per second(s)

            • Premier

              @dreamslacker:

              You can set a rule to catch all the clients.

              Under Advanced Options in the rule, you can limit:

              • Maximum number of established connections per host

              • Maximum state entries per host

              • Maximum new connections / per second(s)

              When you say all the clients, we don't have to add them individually, do we? We have over 2500 clients on the LAN side of the pfSense.
              I would like to limit each customer to 60 open connections, 30 up and 30 down automatically. Can this be done? If so, can you point me to how it's done?

              Thanks

              • dreamslacker

                @Premier:

                @dreamslacker:

                You can set a rule to catch all the clients.

                Under Advanced Options in the rule, you can limit:

                • Maximum number of established connections per host

                • Maximum state entries per host

                • Maximum new connections / per second(s)

                When you say all the clients, we don't have to add them individually, do we? We have over 2500 clients on the LAN side of the pfSense.
                I would like to limit each customer to 60 open connections, 30 up and 30 down automatically. Can this be done? If so, can you point me to how it's done?

                Thanks

                That will fall under:  Maximum number of established connections per host

                Just create a rule that catches all traffic from LAN then set the limits per host.  Of course, if you need to shape more then there's much more tweaking to be done.

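The three per-host options named in the replies above correspond to pf state options, so a single catch-all rule with a network as its source tracks every client address on its own. The fragment below is an added example in pf.conf syntax, not from the thread and not the ruleset pfSense generates; the interface name, client network and the 15/5 rate are assumptions, and 60 is the figure asked about in the thread.

```conf
# Added example (constructed values, not from the thread).
lan_if  = "em1"              # assumed: LAN-side member of the bridge
clients = "10.0.0.0/16"      # assumed: network holding the ~2500 clients

# GUI option                                          pf state option
# Maximum number of established connections per host  max-src-conn
# Maximum state entries per host                      max-src-states
# Maximum new connections / per second(s)             max-src-conn-rate

# TCP from any client: limits are counted per source address, so no
# per-client entries are needed. max-src-conn only counts connections
# that have completed the 3-way handshake.
pass in quick on $lan_if inet proto tcp from $clients to any \
    flags S/SA keep state \
    (source-track rule, max-src-conn 60, max-src-states 60, \
     max-src-conn-rate 15/5)

# Non-TCP traffic (UDP, ICMP) has no handshake to count, so only the
# number of state entries per source can be capped here.
pass in quick on $lan_if inet from $clients to any \
    keep state (source-track rule, max-src-states 60)
```

With source tracking enabled, the per-address counters the limits are checked against can be listed with `pfctl -s Sources`.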
                • Premier

                  Any chance of a link to some kind of tutorial as to how that is done?
                  Also, I have my WAN and LAN bridged but I cannot pass traffic through it. I'm sure I am missing rules in the firewall but don't have a clue what to put in there.

                  • Premier

                    @dreamslacker:

                    That will fall under:  Maximum number of established connections per host

                    Just create a rule that catches all traffic from LAN then set the limits per host.  Of course, if you need to shape more then there's much more tweaking to be done.

                    What is the recommended setting for this? I set it to 60 on both the WAN and the LAN side and after a few mins my connection just came to a crawl. I had to disable it to get back online.
